mace-opensaml-users - RE: [OpenSAML] Testing SAML relying party browser post profile
  • From: "Pantvaidya, Vishwajit"
  • Subject: RE: [OpenSAML] Testing SAML relying party browser post profile
  • Date: Mon, 10 Nov 2008 18:53:18 -0800
  • Accept-language: en-US

> [Pantvaidya, Vishwajit] Just to understand this, why not just encrypt with the public key? Does this provide any additional level of security (though I cannot imagine how)?

One reason is performance. The asymmetric ciphers (e.g. RSA) tend to be about 1000 to 10,000 times slower than symmetric ciphers of comparable strength (i.e. 3 or 4 orders of magnitude). That's a big hit. So the idea is to encrypt a small amount of data (a symmetric key) with the public key to lessen that hit.

And another is pragmatic: because of the above, I believe that XML Encryption does not even define algorithm URIs for, say, RSA for bulk data encryption. You'd have to define cipher modes and so on if you want to encrypt data larger than the maximum encryptable block size for the algorithm. For RSA, that max block size is a little less than the modulus size, e.g. for a 2048 bit RSA key you can encrypt slightly less than 2k of data. That's more than enough for encrypting a symmetric key (e.g. AES 256 bit), but not nearly enough for, say, a medium to large sized SAML Assertion...

[Pantvaidya, Vishwajit] Brent, thanks a lot for the insight. You mentioned earlier that secret keys are also used to sign SAML responses. Is that also done in a similar way, i.e. use a randomly generated secret key to sign and then encrypt the secret key using a public key?
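The hybrid scheme described in the reply above (bulk data under a random symmetric key, only that key under the RSA public key), as an added example that is not part of this thread and is not OpenSAML code. It assumes Go's standard library, RSA-OAEP with SHA-256 for the key wrap and AES-256-GCM for the bulk data (the thread names neither padding nor mode; these are this example's choices), and a constructed stand-in string in place of a real SAML Assertion. It also shows the concrete limit the reply alludes to: a 2048-bit key with OAEP/SHA-256 accepts at most 190 bytes directly, so the library rejects the ~1.6 KB payload unless it goes through the symmetric layer.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope holds the two parts of a hybrid ("enveloped") encryption: the
// bulk data under a fresh AES-256-GCM key, and that key wrapped with the
// recipient's RSA public key. The layout mirrors XML Encryption's
// EncryptedKey beside EncryptedData; the cipher choices are assumptions
// made for this example.
type Envelope struct {
	WrappedKey []byte // AES key encrypted with RSA-OAEP (SHA-256)
	Nonce      []byte // GCM nonce, 12 bytes
	Ciphertext []byte // AES-GCM ciphertext with appended tag
}

// MaxRSAOAEPPlaintext is the largest message RSA-OAEP/SHA-256 will encrypt
// directly: modulus bytes minus 2*hashLen minus 2 (PKCS#1 v2.1, 7.1.1).
// For a 2048-bit key that is 256 - 64 - 2 = 190 bytes.
func MaxRSAOAEPPlaintext(pub *rsa.PublicKey) int {
	return pub.Size() - 2*sha256.Size - 2
}

// DirectRSAFails reports whether encrypting data with RSA alone is rejected
// because the message exceeds that limit.
func DirectRSAFails(pub *rsa.PublicKey, data []byte) bool {
	_, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, data, nil)
	return errors.Is(err, rsa.ErrMessageTooLong)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts data for the holder of pub: a random symmetric key for the
// bulk data, the public key only for the 32-byte symmetric key.
func Seal(pub *rsa.PublicKey, data []byte) (*Envelope, error) {
	aesKey := make([]byte, 32) // AES-256 key: the only thing RSA encrypts
	if _, err := rand.Read(aesKey); err != nil {
		return nil, err
	}
	gcm, err := newGCM(aesKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, aesKey, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{
		WrappedKey: wrapped,
		Nonce:      nonce,
		Ciphertext: gcm.Seal(nil, nonce, data, nil),
	}, nil
}

// Open reverses Seal: unwrap the AES key with the private key, then decrypt.
// GCM authenticates as well, so a tampered Ciphertext yields an error.
func Open(priv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	aesKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(aesKey)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
}

func main() {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	// Constructed ~1.6 KB stand-in for a SAML Assertion; not a real one.
	assertion := bytes.Repeat([]byte("<saml:Assertion>payload</saml:Assertion>"), 40)
	fmt.Printf("direct RSA-OAEP limit: %d bytes; payload: %d bytes; direct RSA rejected: %v\n",
		MaxRSAOAEPPlaintext(&priv.PublicKey), len(assertion), DirectRSAFails(&priv.PublicKey, assertion))
	env, err := Seal(&priv.PublicKey, assertion)
	if err != nil {
		panic(err)
	}
	pt, err := Open(priv, env)
	if err != nil {
		panic(err)
	}
	fmt.Printf("wrapped key: %d bytes; ciphertext: %d bytes; round-trip ok: %v\n",
		len(env.WrappedKey), len(env.Ciphertext), bytes.Equal(pt, assertion))
}
```

The wrapped key is always exactly one RSA block (256 bytes for a 2048-bit key) regardless of payload size, which is the performance point: the slow public-key operation runs once on 32 bytes, and the symmetric cipher carries everything else.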